1. Field of the Invention
The present invention relates to a content reproduction apparatus, in particular to a content reproduction apparatus which reproduces digital contents.
2. Description of the Related Art
Under a digital content copyright protection method for a recording media, such as an optical disc equivalent to a Digital Versatile Disc (DVD), a Secure Digital (SD) memory card, and a semiconductor recording media such as a memory stick, contents are encrypted and recorded in the media. The encrypted contents are decrypted with a key embedded in a content reproduction apparatus and reproduced. Under a license agreement with a licensor, the licensor gives a license for use of the copyright protection method, a manufacturer of manufacturing a content reproduction apparatus receives a key necessary for decrypting the contents (hereafter referred to as “device key”) with a license of manufacturing a content reproduction apparatus.
The license agreement includes security implementation specifications (compliance rule, robustness rule). The following implementation conditions are enforced to the licensed manufacturer: (i) to implement the received device key in the content reproduction apparatus in a format in which a certain level of security standard is satisfied; (ii) not to output content data in plaintext decrypted in the content reproduction apparatus to outside of the content reproduction apparatus via a general external interface; and (iii) not to output the content data to an user accessible bus in the content reproduction apparatus.
In compliance with the security implementation specifications by the mechanism and agreement of the content encryption using a device key, the contents recorded in the media can be prevented from, without permission, being copied to a hard disc and other recording media and being distributed to the Internet.
However, the mechanism only cannot resist to the threat caused in the case where the protection implementation applied when the manufacturer embedded the device key in the content reproduction apparatus and the device key is disclosed. That is, an analyzer who disclosed the device key can generate and circulate an unauthorized copying tool so as to decrypt an encrypted content and copy on a hard disc based on the device key (i.e., ignoring the security implementation specifications). However, the content encryption mechanism only cannot prevent the malpractices by such analyzer.
Accordingly, a key revocation technique has been introduced to many copyright protection methods as a countermeasure against the disclosure of the device key. As a specific method of key revocation, for example, there is a method disclosed in Intel Corporation et al., “Content Protection for Recordable Media Specification, Introduction and Common Cryptographic Elements,” Revision 1.0, Jan. 17, 2003 (hereafter referred to as “relevant literature”). In this key revocation method, a unique device key is given to each content reproduction apparatus. Also, index information for identifying a device key (hereafter referred to as “device key index information”) is assigned to each device key and given to each content reproduction apparatus with the device key. The content reproduction apparatus can decrypt the encrypted content based on the device key and the attached device key index information.
Using this key revocation technique, even if a device key is disclosed, the device key can be revoked so that the revoked device key cannot decrypt contents to be written in a recording media manufactured after the revocation or contents recorded in the recorded media manufactured after the revocation. Whereas the detail about the technique is disclosed in the relevant literature, further explanation is not provided in here. Thus, the key revocation technique can embed a unique device key in each content reproduction apparatus and separately revoke the disclosed device key.
However, in the key revocation technique, it is necessary to embed a unique device key in each content reproduction apparatus. Also, the manufacturer has to work so that device keys cannot be read out from outside based on the conditions in the license agreement. This is very inconvenient for the content reproduction apparatus manufacturer. Because, in the case of receiving a repair request of the content reproduction apparatus due to operation malfunction from an end user, it is necessary to know details of the device key embedded in the content reproduction apparatus in order to specify a malfunctioned part, in particular to judge whether or not the malfunction is occurring in the decryption processing unit. For example, under a circumstance where some device keys are actually revoked, it is necessary to know details of the device key in order to judge whether the content reproduction apparatus requested to be repaired is a content reproduction apparatus in which a revoked device key is embedded. However, since the details of the device key cannot be known as described above, it is a problem that whether or not the device key embedded in the content reproduction apparatus is revoked cannot be known.
On the other hand, there is a following problem in another perspective. It is necessary to use a device key unique to each content reproduction apparatus. Also, a licensor of the copyright protection method needs to verify anytime about whether the manufacturer of the content reproduction apparatus as a licensee is not performing a malpractice such as embedding same device key into a plurality of content reproduction apparatuses ignoring the license agreement. In order to fulfill this necessity, in the present circumstance, the device key is implemented so as not to be read out from the content reproduction apparatus. Therefore, there is a problem that the licensor of the copyright protection method cannot verify whether or not the same device key is embedded in the plurality of content reproduction apparatuses.
In order to resolve above mentioned problems, an object of the present invention is to provide a content reproduction apparatus which can tell whether or not a device key embedded in a content reproduction apparatus is revoked or not.
Further, another object is to provide a content reproduction apparatus which can verify whether the same device key is embedded in the plurality of content reproduction apparatuses.